Open Redirect Vulnerability in FunnelKit Automation by Autonami
CVE-2025-30795

4.7MEDIUM

Key Information:

Vendor

WordPress

Vendor
CVE Published:
27 March 2025

What is CVE-2025-30795?

An Open Redirect vulnerability exists in FunnelKit Automation by Autonami, which permits attackers to redirect users to untrusted sites. This flaw, affecting all versions up to and including 3.5.1, can be exploited to facilitate phishing attacks, threatening the security of users and compromising sensitive data. It is crucial for users to apply necessary patches and updates to safeguard their systems against potential exploitation.

Affected Version(s)

FunnelKit Automations 0 <= 3.5.1

References

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Le Ngoc Anh (Patchstack Alliance)
.